[
https://issues.apache.org/jira/browse/HDFS-17478?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17838570#comment-17838570
]
ASF GitHub Bot commented on HDFS-17478:
---------------------------------------
ZanderXu commented on code in PR #6749:
URL: https://github.com/apache/hadoop/pull/6749#discussion_r1570370110
##########
hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSPermissionChecker.java:
##########
@@ -89,6 +89,7 @@ private String toAccessControlString(INodeAttributes
inodeAttrib,
private final Collection<String> groups;
private final boolean isSuper;
private final INodeAttributeProvider attributeProvider;
+ private final AccessControlEnforcer accessControlEnforcer;
Review Comment:
How about using a space between `AccessControlEnforcer` and
`accessControlEnforcer`?
> FSPermissionChecker to avoid obtaining a new AccessControlEnforcer instance
> before each authz call
> --------------------------------------------------------------------------------------------------
>
> Key: HDFS-17478
> URL: https://issues.apache.org/jira/browse/HDFS-17478
> Project: Hadoop HDFS
> Issue Type: Improvement
> Components: namanode
> Reporter: Madhan Neethiraj
> Assignee: Madhan Neethiraj
> Priority: Major
> Labels: pull-request-available
> Attachments: HDFS-17478.patch
>
>
> An instance of AccessControlEnforcer is obtained from the registered
> INodeAttributeProvider before every call made to authorizer. This can be
> avoided by initializing the AccessControlEnforcer instance during
> construction of FsPermissionChecker and using it in every subsequent call to
> the authorizer. This will eliminate the unnecessary overhead in highly
> performance sensitive authz code path.
>
> CC: [~abhay], [~arp], [~swagle]
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
